Executive Diploma in Cybersecurity(EDCS)

Executive Diploma in Cybersecurity(EDCS)

This Executive Diploma is specially curated by Industry Experts for the students.

Our 4 Months Executive Diploma Programme in  Cyber Security (EDCS) is specially designed to provide a great opportunity for the students to grab their dream carrier in more than 35 different IT-oriented job roles.

Security+ Course Syllabus

Module 1: General Security Concepts

1.1 Security Controls

• Technical Controls
• Managerial Controls
• Operational Controls
• Physical Controls
• Preventive Controls
• Detective Controls
• Corrective Controls
• Deterrent Controls
• Compensating Controls
• Directive Controls

1.2 Fundamental Security Concepts

• CIA Triad
  • Confidentiality
  • Integrity
  • Availability
• Non-Repudiation
• AAA Framework
  • Authentication
  • Authorization
  • Accounting
• Zero Trust Architecture
• Deception and Disruption Technologies
  • Honeypots
  • Honeyfiles
  • Decoy Systems

1.3 Change Management

• Business Processes
• Technical Implications
• Documentation Procedures
• Approval Workflows
• Rollback Planning
• Version Control

1.4 Cryptographic Solutions

• Public Key Infrastructure (PKI)
• Encryption Technologies
• Symmetric Encryption
• Asymmetric Encryption
• Hashing Algorithms
• Digital Signatures
• Certificates
• Obfuscation Techniques

---

Module 2: Threats, Vulnerabilities, and Mitigations

2.1 Threat Actors and Motivations

• Nation-State Actors
• Organized Crime
• Hacktivists
• Insider Threats
• Script Kiddies / Unskilled Attackers
• Shadow IT

Motivations

• Financial Gain
• Espionage
• Data Exfiltration
• Sabotage
• Political/Ideological Reasons

2.2 Threat Vectors and Attack Surfaces

• Message-Based Attacks
  • Phishing
  • Smishing
  • Spam
• Social Engineering Attacks
• File-Based Threats
• Voice Call Attacks (Vishing)
• Supply Chain Attacks
• Vulnerable Software Exploitation
• Unsecured Networks

2.3 Vulnerabilities

• Application Vulnerabilities
• Hardware Vulnerabilities
• Mobile Device Vulnerabilities
• Virtualization Vulnerabilities
• Operating System Vulnerabilities
• Cloud-Specific Vulnerabilities
• Web-Based Vulnerabilities
• Supply Chain Vulnerabilities

2.4 Malicious Activities

Malware Attacks

• Viruses
• Worms
• Trojans
• Ransomware
• Spyware
• Rootkits

Password Attacks

• Brute Force
• Dictionary Attacks
• Credential Stuffing
• Rainbow Table Attacks

Application Attacks

• SQL Injection
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery (CSRF)

Network Attacks

• DoS/DDoS
• ARP Poisoning
• Man-in-the-Middle (MITM)

Physical Attacks

• Tailgating
• Shoulder Surfing
• Dumpster Diving

Cryptographic Attacks

• Collision Attacks
• Downgrade Attacks
• Birthday Attacks

2.5 Mitigation Techniques

• Network Segmentation
• Access Control
• Configuration Enforcement
• System Hardening
• Isolation Techniques
• Patch Management

---

Module 3: Security Architecture

3.1 Architecture Models

• On-Premises Infrastructure
• Cloud Computing
• Virtualization
• Internet of Things (IoT)
• Industrial Control Systems (ICS)
• Infrastructure as Code (IaC)

3.2 Enterprise Infrastructure Security

• Secure Network Design
• Secure Communication Protocols
• VPN Technologies
• Remote Access Security
• Control Selection
• Secure Access Principles

3.3 Data Protection

Data Types

• Structured Data
• Unstructured Data
• Sensitive Data

Data Protection Methods

• Encryption
• Tokenization
• Masking
• Data Loss Prevention (DLP)

Data Classification

• Public
• Internal
• Confidential
• Restricted

3.4 Resilience and Recovery

• High Availability
• Load Balancing
• Clustering
• Site Considerations
  • Hot Site
  • Warm Site
  • Cold Site
• Backup Types
  • Full Backup
  • Incremental Backup
  • Differential Backup
• Disaster Recovery
• Business Continuity
• Continuity of Operations

---

Module 4: Security Operations

4.1 Computing Resource Security

• Secure Baselines
• Mobile Device Security
• Wireless Security
• Application Security
• Sandboxing
• System Monitoring

4.2 Asset Management

• Asset Acquisition
• Asset Assignment
• Asset Monitoring and Tracking
• Asset Disposal
• Hardware Asset Management
• Software Asset Management
• Data Asset Management

4.3 Vulnerability Management

• Vulnerability Identification
• Vulnerability Analysis
• Remediation Processes
• Validation Procedures
• Reporting and Documentation

4.4 Alerting and Monitoring

• Security Monitoring Tools
• Log Management
• SIEM Solutions
• IDS/IPS Monitoring
• User Activity Monitoring
• Network Monitoring

4.5 Enterprise Security Technologies

• Firewalls
• IDS/IPS
• DNS Filtering
• Data Loss Prevention (DLP)
• Network Access Control (NAC)
• Endpoint Detection and Response (EDR)
• Extended Detection and Response (XDR)

4.6 Identity and Access Management (IAM)

• User Provisioning and Deprovisioning
• Single Sign-On (SSO)
• Multifactor Authentication (MFA)
• Privileged Access Management (PAM)

4.7 Automation and Orchestration

• Automation Use Cases
• Security Scripting
• Workflow Automation
• Benefits and Considerations

4.8 Incident Response

Incident Response Lifecycle

• Preparation
• Detection
• Containment
• Eradication
• Recovery
• Lessons Learned

Additional Topics

• Threat Hunting
• Root Cause Analysis
• Digital Forensics

4.9 Data Sources for Investigations

• Log Files
• Packet Captures
• SIEM Data
• Endpoint Logs
• Cloud Logs
• Threat Intelligence Sources

---

Module 5: Security Program Management and Oversight

5.1 Security Governance

• Policies
• Standards
• Procedures
• Guidelines
• Governance Structures
• Roles and Responsibilities
• Security Monitoring

5.2 Risk Management

Risk Processes

• Risk Identification
• Risk Assessment
• Risk Analysis
• Risk Register Management
• Risk Reporting

Risk Concepts

• Risk Appetite
• Risk Tolerance
• Business Impact Analysis (BIA)

Risk Strategies

• Risk Acceptance
• Risk Avoidance
• Risk Mitigation
• Risk Transfer

5.3 Third-Party Risk Management

• Vendor Assessment
• Vendor Selection
• Security Agreements
• SLA Review
• Vendor Monitoring
• Security Questionnaires
• Rules of Engagement

5.4 Security Compliance

• Compliance Monitoring
• Compliance Reporting
• Privacy Requirements
• Legal and Regulatory Requirements
• Consequences of Non-Compliance

5.5 Audits and Assessments

• Internal Audits
• External Audits
• Attestation
• Penetration Testing
• Security Assessments

5.6 Security Awareness and Training

• Phishing Awareness
• Social Engineering Awareness
• Password Security
• User Guidance
• Incident Reporting Procedures
• Anomalous Behavior Recognition

Ethical Hacking Course Syllabus

Module 1: Introduction to Ethical Hacking

Module 2: Foot Printing and Reconnaissance

Module 3: Scanning Networks

Module 4: Enumeration.

Module 5: Vulnerability Analysis.

Module 6: System Hacking.

Module 7: Malware Threats.

Module 8: Sniffing.

Module 9: Social Engineering.

Module 10: Denial-of-Service.

Module 11: Session Hijacking.

Module 12: Evading IDS, Firewalls, and Honeypots.

Module 13: Hacking Web Servers.

Module 14: Hacking Web Applications.

Module 15: SQL Injection.

Module 16: Hacking Wireless Networks.

Module 17: Hacking Mobile Platforms.

Module 18: IoT and OT Hacking.

Module 19: Cloud Computing.

Module 20: Cryptography.

SOC Analyst Course Syllabus

Module 1 – Security Operations and Management
Module 2 – Understanding Cyber Threats, IoCs, and Attack Methodology
Module 3 – Incidents, Events, and Logging
Module 4 – Incident Detection with Security Information and Event Management (SIEM)
Module 5 – Enhanced Incident Detection with Threat Intelligence
Module 6 – Incident Response

Splunk and its Products

Introduction to Splunk Enterprise

Introduction to Splunk Enterprise Security

Installation of Splunk Enterprise and Search head

Splunk’s User Interface

Customizing your user settings

Learn basic navigation in Splunk

Understanding various components of Splunk

Various deployment Architecture of Splunk

Installation of Splunk Enterprise and Search head

Installation Of Splunk Universal Forwarders

Introduction : Splunk Basic Configurations

Introduction to Splunk Configuration files

Introduction to Splunk Forwarder management

Basic Searching in Splunk

Writing Splunk query for search

Learn Write basic search queries

Use autocompletes to help build a search

Set time range of a search

Introduction : Splunk Indexes

Understanding the Splunk Indexes

Default Splunk Indexes

Segregation the Splunk Indexes

Splunk Buckets & Classification

Estimating index storage

Creating a new index

Using Fields in Searches

What is a Field

Use Fields in search

Field Extractor for REGEX field extraction

Delimiting Field Extraction using FX

Creating Scheduled Reports and Alerts

Describe scheduled reports

Configure scheduled reports

Describe alerts

Create alerts

Workflow

GET, POST and SEARCH workflow actions

Pipeline

search pipeline

Examine the search pipeline

Using Basic Transforming Commands

The top command

The rare command

The stats command

Correlating Events

search the transactions

Creating Reports and Dashboards

Save a search as a report

Create reports that include visualizations such as charts and tables

Create a dashboard

Add a report to a dashboard

Edit a dashboard

Tags and Event Types

Introduction to Tags in Splunk

Deploying Tags for Splunk search

Understanding event types

Generate and implement event types in the search

Datasets and the Common Information Model

Naming conventions

What are datasets?

What is the Common Information Model (CMI)

Creating and Using Lookups

Describe lookups

Create a lookup file and create a lookup definition

Using Pivot

Describe Pivot

Understand the relationship between data models and pivot

Select a data model object

Create a pivot report

Add a pivot report to a dashboard